vulnerability

Apple iTunes security update for CVE-2020-3861

Try Surface Command

Back to search

Severity

CVSS

(AV:L/AC:L/Au:N/C:P/I:P/A:N)

Published

Jan 29, 2020

Added

Jan 29, 2020

Modified

Mar 27, 2026

Description

The issue was addressed with improved permissions logic. This issue is fixed in iTunes for Windows 12.10.4. A user may gain access to protected parts of the file system.

Solution

apple-itunes-upgrade-12_10_4

References

CVE-2020-3861
https://attackerkb.com/topics/CVE-2020-3861
EUVD-EUVD-2020-25126
http://support.apple.com/kb/HT210923
https://euvd.enisa.europa.eu/vulnerability/EUVD-2020-25126

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report